hospira

Top products

The 15 most recently published vulnerabilities affecting hospira.

• CVE-2014-5401Hospira MedNet Code Injection9.8Mar 26, 2019
• CVE-2015-1012Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless us...7.5Mar 25, 2019
• CVE-2015-3956Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior accept drug libraries, firmware updates, ...9.8Mar 25, 2019
• CVE-2015-3954Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privilege...9.8Mar 25, 2019
• CVE-2015-3953Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior...9.8Mar 25, 2019
• CVE-2015-3952Wireless keys are stored in plain text on Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior...7.5Mar 25, 2019
• CVE-2015-3965Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly...8.8Mar 23, 2019
• CVE-2015-7909Stack-based buffer overflow in Hospira Communication Engine (CE) before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote att...7.3Jan 22, 2016
• CVE-2015-3958Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (forced manual reboot) via a flood of TCP packets.7.8Jul 6, 2015
• CVE-2015-3957Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors.4.6Jul 6, 2015
• CVE-2015-3955Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via unspecified vectors.10.0Jul 6, 2015
• CVE-2015-1011Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.5.0Jul 6, 2015
• CVE-2014-5406Hospira LifeCare PCA Infusion System7.6Jul 6, 2015
• CVE-2015-3459The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configurat...10.0Apr 29, 2015
• CVE-2014-5405Hospira MedNet Use of Hard-coded Password9.0Apr 3, 2015